UPDATED June 26th, 2023: University of Manchester Targeted in Major Cyber Security Incident

Updated 26/06/2023: After Students and Saff of The University of Manchester received emails last week claiming to be from the attackers, stating that more than 7 Terabytes of data had been stolen in the attack, the university released a statement on Friday (June 23rd) stating;

“We understand that this will create concern for some, but we would like to assure our community that our internal and external experts are working around the clock to continue to address this and our investigations are continuing,” a spokesperson said.

“We are continuing to work with the relevant authorities, including the Information Commissioner’s Office, the National Cyber Security Centre (NCSC), the National Crime Agency and other regulatory bodies. Our cyber incident information page will also continue to be updated, as the first point of call for any ongoing updates.

“We are asking all staff and students to remain vigilant of any suspicious emails, including those that appear to come from those responsible for this incident. Do not engage with or reply to these emails in any way. We would like to thank all staff and students for their continued support and patience.”

Whilst the University state that they are still working to address the amount of information accessed in the attack, the Cyber Incident Page does confirm that personal information of Staff, Students & Alumni was accessed.

Updated 21/06/2023: Students and Staff members if The University of Manchester have received threatening emails from a group claiming to be the hackers responsible for the attack on the University. The messages warned of a forthcoming data leak and also threatened to sell personal information on the dark web/black market unless their ransom demands were met. The extent of individuals affected by the cyber attack and the extent of the data that has been accessed and stolen remains unknown. In response, the university has urged its community to be cautious of suspicious emails and to report them to the IT department.

Updated 14/06/2023: The University of Manchester has again reiterated its confirmation of a cyber attack on its systems that we reported on June 9th, along with the confirmation that data has likely been copied. The University has been actively working “around the clock” to manage the incident, with experts working to understand the extent of the data accessed by the cyber criminals behind the incident. It has been determined that a password reset will be required for all staff and students from June 14th. The University has also suspended VPN services for all accounts, though access to on-site systems continues unless otherwise stated. The University acknowledges that there may be significant disruptions ahead and extends gratitude to staff and students for their support during this critical period.

(09/07/2023) The University of Manchester, one of the largest higher education institutions in the UK, has confirmed it is currently tackling a significant cyber security incident. The university detected unauthorised activity on its network, leading to an urgent investigation to establish what data may have been compromised. It is believed that some of the university’s systems have been accessed by an unauthorised party and data potentially copied​.

The university is working with in-house experts, external support, and relevant authorities, including the Information Commissioner’s Office, the National Cyber Security Centre (NCSC), and the National Crime Agency (NCA), to resolve the situation and determine the scope of the data breach. Patrick Hackett, registrar, secretary, and chief operating officer at the university, expressed regret over the incident and stressed that resolving the issue and informing those affected is a priority. He also advised students and staff to be vigilant against any suspicious phishing emails and advised against downloading files from university systems for backup purposes.

This cyber security incident at the University of Manchester follows closely after a series of cyber attacks compromising the personal information of staff across global companies, including British Airways and Boots. These previous attacks were linked to a suspected Russian-speaking cybercrime gang known as Clop, which had exploited a vulnerability in the MOVEit Transfer software used globally for file transfers. However, no evidence has been found so far to suggest that the incident at the University of Manchester is related to these attacks or is a ransomware attack.

Further updates are expected from the University of Manchester as the situation unfolds and more information becomes available. Despite the recent wave of cyber attacks, it is important to note that these incidents are under investigation, and links between them are yet to be firmly established. It is vital for institutions and individuals alike to maintain cyber security vigilance and employ the best cyber security policies to battle these threats. Once more information becomes available we will update this article.

If you would like to find out about the key pillars of a comprehensive Cyber Security solution, click the link below to download our FREE Cyber Security Assessment form, you can also request to speak with one of our Cyber Security specialists.

Latest News Stories